Managed cloud security remediation startup Tamnoon Inc. announced today that it has raised $12 million in new funding to accelerate its product roadmap, expand its partnership ecosystem and drive innovation in managed cloud security remediation.

Founded in 2022, Tamnoon offers a service focused on mitigating cloud security risks through a fusion of human intelligence and artificial intelligence. The company says the service reduces cloud exposures and enhances cloud security by optimizing and fortifying prioritization, triage, remediation and prevention processes with the aim of delivering more robust and mature continuous threat exposure management.

It’s designed for organizations that are shifting to the cloud and investing in visibility and cloud risk detection solutions — such as cloud-native application protection platforms and cloud security posture management — that also need a similarly scalable approach to the remediation process. According to Tamnoon, it takes 145 hours on average for a cloud security alert to be resolved and nearly half of organizations see up to 50 misconfigurations per day. Also, nearly half of cyber security professionals cite a lack of qualified staff as the biggest challenge when protecting cloud workloads.

Tamnoon argues that though existing solutions that provide auto-remediation can be appealing, poorly implemented automation can do more harm than good. In addition, modifying production infrastructure without proper testing and oversight can break business operations and cause production outages thanks to the complexity of cloud infrastructure.

The company’s solution differs by combining human intelligence with AI. The combination results in customers reporting significant improvements in their cloud security operations, Tamnoon says. Moreover, it claims, it provides a 90% reduction of critical cloud threat exposure within the first 90 days of service, while requiring just 10% of the resources companies would typically need using traditional professional services.

“Our vision is that neither fully automated nor human-driven cloud remediation approaches alone can address the complexity of cloud security posture management programs,” said co-founder and Chief Executive Marina Segal. “The idea of relying entirely on automation in remediation is overly optimistic.”

She added that it’s too risky to apply automation in critical production environments without human intervention. “Human expertise and oversight remain essential for ensuring the effectiveness of any automated or AI-powered cloud SecOps program,” she said.

Bright Pixel Capital S.C.R. S.A., previously Sonae IM SGPS S.A., led the Series A round, with participation from new investors Blu Ventures and Mindset Ventures, as well as existing investors Merlin Ventures, Secret Chord Ventures, Inner Loop Capital and Elron Ventures.

Image: Tamnoon